diff options
author | Neil Fuller <nfuller@google.com> | 2014-12-11 10:09:16 +0000 |
---|---|---|
committer | Neil Fuller <nfuller@google.com> | 2014-12-11 10:09:16 +0000 |
commit | bfeba0c4f45e8e04a6f25425af8cd7cb3f4ba84f (patch) | |
tree | 75cf311319ae80e37b98f8b440417402da910588 | |
parent | 77a7e48ac80c5bb9ac4d9b6bfdecf31d46b09fd1 (diff) | |
download | libcore-bfeba0c4f45e8e04a6f25425af8cd7cb3f4ba84f.tar.gz |
Fix for TLS HTTP connections with GMS sockets
The logic was incorrect. If the socket is not the platform version all
connection attempts would be treated as fallbacks.
Bug: 18675956
Change-Id: I7bb1f84127fbede75f12b0a8dec7d4a7374f0b22
-rw-r--r-- | luni/src/main/java/libcore/net/http/HttpConnection.java | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/luni/src/main/java/libcore/net/http/HttpConnection.java b/luni/src/main/java/libcore/net/http/HttpConnection.java index e36586fe3fa..8cc3f01a3fe 100644 --- a/luni/src/main/java/libcore/net/http/HttpConnection.java +++ b/luni/src/main/java/libcore/net/http/HttpConnection.java @@ -202,7 +202,8 @@ final class HttpConnection { openSslSocket.setUseSessionTickets(true); openSslSocket.setHostname(address.uriHost); // use SSLSocketFactory default enabled protocols - } else { + } + if (!tlsTolerant) { // In accordance with https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00 // the SCSV cipher is added to signal that a protocol fallback has taken place. final String fallbackScsv = "TLS_FALLBACK_SCSV"; |